Skill Combo - 技能组合器

Security checks across malware telemetry and agentic risk

Overview

This skill is a clear skill-combining coordinator, but it needs Review because it can route tasks through broad sets of installed skills without clear safety controls.

Install only if you understand that this coordinator can amplify the powers of other installed skills. Use it with trusted downstream skills. Avoid combining it with skills that can post publicly, delete data, spend money, access private accounts, or create persistent tasks unless each action is explicitly confirmed. Inspect any separate runtime implementation before relying on it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

High
Confidence: 95%
Finding
The skill loader accepts arbitrary skill names, resolves paths, reads their content, and dynamically imports them with no allowlist, trust boundary, sandboxing, or capability restriction. In a combo/orchestration skill, this is especially dangerous because it amplifies the privileges and behaviors of every referenced skill, allowing a user to chain in unsafe or malicious skills and have them executed automatically.

Missing User Warnings

Medium
Confidence: 89%
Finding
The README explicitly promotes combining arbitrary installed skills and lists execution modes such as sequential, parallel, and conditional execution, but it does not warn that invoked skills may perform side effects such as data access, external calls, reminders, or state-changing actions. In a skill-composition engine, this omission can cause users to combine untrusted or high-privilege skills without understanding the compounded risk, increasing the chance of unintended actions or data exposure.

VirusTotal

66/66 vendors flagged this skill as clean.
